— The MAILING DATE of this communication appears on the cover sheet with the correspondence address —

All claims being allowable, PROSECUTION ON THE MERITS IS (OR REMAINS) CLOSED in this application. If not included 
herewith (or previously mailed), a Notice of Allowance (PTOL-85) or other appropriate communication will be mailed in due course. THIS 
NOTICE OF ALLOWABILITY IS NOT A GRANT OF PATENT RIGHTS. This application is subject to withdrawal from issue at the initiative 
of the Office or upon petition by the applicant. See 37 CFR 1.313 and MPEP 1308. 

1. ☒ This communication is responsive to 21 December 2007.

2. ☒ The allowed claim(s) is/are 10-12, 17-26, 30-35, 42-48 and 51-57.

3. □ Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 119(a)-(d) or (f).

a) □ All b) □ Some* c) □ None of the:

1. □ Certified copies of the priority documents have been received.

2. □ Certified copies of the priority documents have been received in Application No. . 

3. □ Copies of the certified copies of the priority documents have been received in this national stage application from the 

International Bureau (PCT Rule 17.2(a)). 
* Certified copies not received: . 

Applicant has THREE MONTHS FROM THE "MAILING DATE" of this communication to file a reply complying with the requirements 
noted below. Failure to timely comply will result in ABANDONMENT of this application. 
THIS THREE-MONTH PERIOD IS NOT EXTENDABLE. 

4. □ A SUBSTITUTE OATH OR DECLARATION must be submitted. Note the attached EXAMINER'S AMENDMENT or NOTICE OF 

INFORMAL PATENT APPLICATION (PTO-152) which gives reason(s) why the oath or declaration is deficient. 

5. □ CORRECTED DRAWINGS (as "replacement sheets") must be submitted.

(a) □ including changes required by the Notice of Draftsperson's Patent Drawing Review (PTO-948) attached

1) □ hereto or 2) □ to Paper No./Mail Date . 

(b) □ including changes required by the attached Examiner's Amendment / Comment or in the Office action of 

Paper No./Mail Date . 

Identifying indicia such as the application number (see 37 CFR 1.84(c)) should be written on the drawings in the front (not the back) of 
each sheet. Replacement sheet(s) should be labeled as such in the header according to 37 CFR 1.121(d). 

6. □ DEPOSIT OF and/or INFORMATION about the deposit of BIOLOGICAL MATERIAL must be submitted. Note the 

attached Examiner's comment regarding REQUIREMENT FOR THE DEPOSIT OF BIOLOGICAL MATERIAL. 

DETAILED ACTION

1. This is in response to the Appeal Brief filed on 21 December 2007.

2. Claims 10-12, 17-26, 30-35, 42-48 and 51-57 are pending in the application. 

3. Claims 10-12, 17-26, 30-35, 42-48 and 51-57 have been allowed. 

4. Claims 1-9, 13-16, 27-29, 36-41, 49, 50, 58 and 59 have been cancelled. 

EXAMINER'S AMENDMENT 

5. An examiner's amendment to the record appears below. Should the changes and/or 
additions be unacceptable to applicant, an amendment may be filed as provided by 37 CFR 
1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the 
payment of the issue fee. 

Authorization for this examiner's amendment was given in a telephone interview with 
Benjamin Stasa on 14 March 2008. 

The application has been amended as follows:

Claim 17 (Amended) In a networked computing environment, a method of securing 
access to an information resource behind a security barrier, the method comprising: 

predefining a request message specification corresponding to a structured 
request language including extensible markup language;

formatting an access request in accordance with the structured request 
language; 

supplying the formatted access request to a first intermediary, the 
intermediary validating the formatted access request in accordance with the 
request message specification; and 

forwarding the validated access request across the security barrier.
Claim 22 (Amended) In a networked computing environment, a method of securing 
access to an information resource behind a security barrier, the method comprising: 

predefining a response message specification corresponding to a structured 
response language including extensible markup language;

formatting a response to an access request targeting the information 
resource, the formatted response being in accordance with the structured response 
language; 

supplying the formatted response to an intermediary, the intermediary 
validating the formatted response in accordance with the response message 
specification; and 

forwarding a validated response across the security barrier. 
Claim 24 (Amended) An information security system comprising: 
a security barrier; 

a proxy for an information resource, the proxy and the information 
resource on opposing first and second sides, respectively, of the security barrier; 

a data broker on the first side of the security barrier, wherein, in response 
to an access request targeting the information resource, the data broker validates a 
request message encoded in a structured request language including extensible 
markup language against a predefined request message specification therefor and 
forwards only validated request messages across the security barrier. 
Claim 30 (Amended) A computer program product encoded in computer readable media, 
the computer program product comprising: 

data broker code and parser code executable on a first network server 
separated from an information resource by a security barrier; 

the data broker code including instructions executable as a first instance 
thereof to receive access requests in a structured language including extensible 
markup language corresponding to a predefined request message specification and 
to forward validated ones of the access requests across the security barrier toward 
the information resource; and 

the parser code including instructions executable as a first instance thereof 
to validate the received access requests against the predefined request message 
specification. 
Claim 38 (Cancelled) 
Claim 39 (Cancelled) 
Claim 40 (Cancelled) 
Claim 41 (Cancelled) 
Claim 42 (Amended) A method of securing a data transaction across a security barrier, 
the method comprising: 

validating a request message encoded in a structured request language 
including extensible markup language against a predefined request message 
specification therefor; 

transmitting the validated request message across the security barrier; 

validating a response message encoded in a structured response language 
including extensible markup language against a predefined response message 
specification therefor, the response message corresponding to the validated 
request; and 

transmitting the validated response message across the security barrier. 
Claim 49 (Cancelled) 
Claim 50 (Cancelled) 
Claim 55 (Amended) In a networked information environment including a client and an 
information resource separated by a security barrier, an information security system comprising: 
means for proxying an access request by the client targeting the 
information resource and for preparing a request message corresponding to the 
access request in a structured language including extensible markup language 
corresponding to a predefined request message specification; 

means for validating the request message against the predefined request 
message specification and forwarding only validated request messages across the 
security barrier. 
Claim 58 (Cancelled) 
Claim 59 (Cancelled) 

Allowable Subject Matter 

6. Claims 10-12, 17-26, 30-35, 42-48 and 51-57 have been allowed. 

The following is an examiner's statement of reasons for allowance: 
The current application is directed towards a secure data broker that has been developed, 
which provides a restricted message based data exchange between a client application and a 
secured information resource by allowing registered or verified messages to be brokered across a 
security barrier. In some configurations, both requests and responses are validated and brokered 
across the security barrier. In other configurations, either requests or responses are validated. To 
support validation, messages are formatted in accordance with a predefined message 
specification for at least part of a transaction path between a client application and an 
information resource accessed by the client application. 

The closest prior art to the current application is Dixon U.S. Patent No. 6,289,461 B1. 
Dixon is directed towards a client system that stores messages and sends the messages to a server 
system. The messages are included in a request formatted according to a protocol that can 
traverse a firewall. Then the client system waits for a response from the server system. The 
response will also be formatted according to the protocol that can traverse the firewall. The 
response will include an indication of which messages the server system received from the client 
system in the last request. If a certain number of messages accumulate at the client system, or a 
certain amount of time passes before the response is received, the client system will send a 
second request. The server system also stores messages and sends the messages to the client 
system. The server system waits for a first request and a second request from the client system. 
If the first request has been received and a particular number of messages have accumulated at 
the server system, then the server system will send a response corresponding to the first request. 
If the second request is received, the server system will send the response corresponding to the 
first request even if no messages have accumulated. The response will include any accumulated 
messages. The next time the client system sends a request, the request will include an indication 
of which messages the client system received from the server system in the last response. 

However, there is a fundamental difference between the current application and the 
Dixon reference. Dixon teaches a predefined request/response message corresponding to a 
structured request language (i.e. HTTP). Dixon does not teach that the structured request 
language is XML. 

Any comments considered necessary by applicant must be submitted no later than the 
payment of the issue fee and, to avoid processing delays, should preferably accompany the issue 
fee. Such submissions should be clearly labeled "Comments on Statement of Reasons for 
Allowance." 

Conclusion 

1. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Aravind K. Moorthy whose telephone number is 571-272-3793. 
The examiner can normally be reached on Monday-Friday, 8:00-5:30. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz R. Sheikh, can be reached on 571-272-3795. The fax phone number for the 
organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would 
like assistance from a USPTO Customer Service Representative or access to the automated 
information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 


/Aravind K Moorthy/ 
Examiner, Art Unit 2131 

/Gilberto Barron Jr/ 

Supervisory Patent Examiner, Art Unit 2132 


